I have the following apache config:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
DocumentRoot /var/www/html/public/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/ssl.crt
SSLCertificateKeyFile /etc/apache2/ssl/ssl.key
Alias /login/ /var/www/html/saml_provider/www/
<LocationMatch "^(.*\.php)$">
ProxyPass fcgi://presentation-php-fpm:9000/var/www/public
</LocationMatch>
</VirtualHost>
</IfModule>
hitting www.example.com/hello.php works fine as the LocationMatch block picks up this is a php file and sends it on to the php-fpm engine using proxy-pass.
However, hitting www.example.com/login/hi.php does not work, giving a php "file not found" error. This makes sense, because I guess that it is trying to find the file in /var/www/public but it is actually in /var/www/html/saml_provider/www/.
How can I fix this so that php also serves any .php file on the alias such that:
www.example.com/login/hi.php --- served by php from ----> /var/www/html/saml_provider/www/hi.php
Related
I am trying to run two php versions with apache. One (PHP7) is setup with mod and the other (PHP8) I am trying to set up with CGI. I am currently testing both work using the different vhosts for https and http. I have the following virtual hosts in my httpd-vhosts.conf file:
<VirtualHost 0.0.0.0:80>
SetEnv PHPRC "C:/Program Files/PHP/php-8.1.12/"
ScriptAlias /php8112/ "C:/Program Files/PHP/php-8.1.12/"
Action application/x-httpd-8112 "/php8112/php.exe"
AddType application/x-httpd-8112 .php
<Directory "C:/Program Files/PHP/php-8.1.12/">
<Files "php.exe">
Require all granted
</Files>
</Directory>
DocumentRoot "D:/Test/Site/public"
ServerName test.local
CustomLog "C:/Users/me/Logs/test_access.log" combined
ErrorLog "C:/Users/me/Logs/test_error.log"
</VirtualHost>
<VirtualHost 0.0.0.0:443>
DocumentRoot "D:/Test/Site/public"
ServerName test.local
SSLEngine on
SSLCertificateFile "C:/Program Files/Apache24/conf/server.cert"
SSLCertificateKeyFile "C:/Program Files/Apache24/conf/server.key"
</VirtualHost>
and a simple index.php in D:/Test/Site/public:
<?php
phpinfo();
?>
Accessing via HTTPS works and correctly gives me the PHP Info page. Accessing via HTTP gives me a 404 Not Found error, however. Why would this be?
I have tried reordering the directives and adding a directory directive for the DocumentRoot directive. Neither seemed to make a difference.
I am using Apache 2.4 on Windows 10
I have a problem setting up my Apache server with mod_php. I have a website whose index.php page is generated in ~200ms. But Apache serves it in about 1.5sec. Why is this slowdown taking place?
If needed, my /etc/apache2/ports.conf file is:
Listen 80
<VirtualHost *:80>
ServerName mysite.local
ServerAlias www.mysite.local
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://localhost:9999/
ProxyPassReverse / http://localhost:9999/
</VirtualHost>
My file /etc/apache2/sites-available/mysite.local.conf is:
Listen 9999
User max
Group max
<VirtualHost *:9999>
ServerName 127.0.0.1:9999
DocumentRoot /home/max/www/mysite.local/www/html/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/max/www/mysite.local/www>
Options FollowSymLinks
AllowOverride All
#Order allow,deny
#Allow from all
Require all granted
</Directory>
ErrorLog /home/max/www/mysite.local/logs/error.log
LogLevel warn
CustomLog /home/max/www/mysite.local/logs/access.log combined
</VirtualHost>
My main question is why is this so slow and how can make it faster? I have tested putting the index.php content into a plain html file, and it is served in ~10ms. so the problem is probably with mod_php? Thanks in advance.
A reason could be that apache checks for .htaccess files recursively within each directory of the root for each request. apache is used very widely but not very fast or even optimized.
I definitely would suggest an nginx server combined with php-fpm. The configuration is very straight forward and if you're familiar with apache, you should not have problems using nginx. How To: https://tecadmin.net/setup-nginx-php-fpm-on-ubuntu-20-04/
I am trying to get a shibboleth set up working in a docker container behind a proxy.
Currently I am able to get redirected to the shibboleth idp page where I can enter my login details and shibboleth will authenticate me. It is failing with a 404 when it attempts to redirect back to: https://my-service.org/Shibboleth.sso/SAML2/POST
I can't tell if this is an apache issue or something with the shibboleth config.
There is a server with apache and docker running on it. The apache here is proxying traffic to the docker containers running on the same server. I have dns point a domain name to the proxy. Lets call it "my-service.org". The apache proxy config for my-service.org is as follows:
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerName my-service.org
ServerAdmin devs#blah.org
DocumentRoot /var/www/html/my-service
Redirect permanent / https://my-service.org/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost _default_:443>
ServerName my-service.org
ServerAdmin devs#blah.org
DocumentRoot /var/www/html/my-service
ErrorLog ${APACHE_LOG_DIR}/docker-dev/my-service.log
CustomLog ${APACHE_LOG_DIR}/docker-dev/my-service_ssl_access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/blah.crt
SSLCertificateKeyFile /etc/ssl/private/blah.key
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
SSLProtocol All -SSLv2 -SSLv3
SSLCompression off
SSLHonorCipherOrder on
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME}
RequestHeader set X-Forwarded-SSL expr=%{HTTPS}
ProxyPass / http://127.0.0.1:8088/
ProxyPassReverse / http://127.0.0.1:8088/
</VirtualHost>
</IfModule>
The 'my-service' container is based on the 'php:7-apache-buster' container and is running apache with shibd. It is part of a docker-compose stack. The apache config of the container is:
<VirtualHost *:80>
ServerAdmin me#blah.org
DocumentRoot /var/www/html/my-service
<Directory /var/www/html/my-service/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order deny,allow
Allow from all
</Directory>
<Location "/shibboleth_login.php">
AuthType shibboleth
ShibRequestSetting requireSession 1
ShibUseHeaders On
require valid-user
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Like I said everything is working up until the point of redirection back from the shibboleth idp to the SP, where it 404s. The logs are not telling me much but there is an error log when I load the containers apache config:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.6. Set the 'ServerName' directive globally to suppress this message
I am not sure if this would have an affect of the situation.
One thing I thought may have an affect is the fact that I have shibboleth set to handle SSL:
<Sessions lifetime="28800" timeout="3600" relayState="ss:mem"
checkAddress="false" handlerSSL="true" cookieProps="https">
But my container apache config only defines a HTTP virtual host block. As you can see the proxy passes the protocol to the container via the X-Forwarded-Proto and X-Forwarded-SSL headers. I needed those for the 'my-service' php app but not sure if they have an affect on shibboleth. The initial interaction with the idp works fine, its just the redirection back that doesn't work.
I figured out that I needed to add a ServerName attribute as follows:
<VirtualHost *:80>
ServerAdmin me#blah.org
DocumentRoot /var/www/html/my-service
ServerName https://my-service.org:443
UseCanonicalName On
<Directory /var/www/html/my-service/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order deny,allow
Allow from all
</Directory>
<Location "/shibboleth_login.php">
AuthType shibboleth
ShibRequestSetting requireSession 1
ShibUseHeaders On
require valid-user
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
We are trying to go live with our Laravel project on an Ubuntu server running Apache. While all routes and functionality works locally, after going live, all routes that are not the home route result in a 404 error.
I am using the default laravel .htaccess in the /public directory.
My /etc/apache2/sites-available looks as follows:
<VirtualHost *:80>
ServerName mydomain.com
ServerAlias www.mydomain.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/mydomain.com/public
<Directory /var/www/mydomain.com/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
The /mydomain.com/ root directory does not currently contain any .htaccess.
I enabled modrewrite using a2enmod rewrite and restarted apache after every change.
Has anyone else run into this issue? I appreciate any suggestions on how to resolve.
Thanks in advance!
You write mydomin.com in every rows. But later you talk about mydomain.com folder. (Note the A). Is it just a mistyping?
Update: The problem is an other mistyping: directories should be the same on the following lines:
DocumentRoot /var/www/html/mydomain.com/public
<Directory /var/www/html/mydomain.com/public>
I followed this guide and managed to make Python with a Django installation work perfectly, but it seems to have rendered all the locally hosted PHP sites inaccessible returning a 404 error.
httpd.conf
LoadModule wsgi_module modules/mod_wsgi.so
#This is placed right after the rule for <Directory "f:/WAMP/www/">
<Directory "f:/WAMP/www/python">
Options ExecCGI
AddHandler wsgi-script .py
Order allow,deny
Allow from all
</Directory>
#This is placed at the end of the file
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Include "f:/WAMP/alias/*"
Include "F:/WAMP/www/python/sandbox/apache/apache_django_wsgi.conf"
apache_django_wsgi.conf
Alias /python/images/ "F:/WAMP/www/python/sandbox/images"
<Directory "F:/WAMP/www/python/sandbox/images">
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias /python "F:/WAMP/www/python/sandbox/apache/django.wsgi"
<Directory "F:/WAMP/www/python/sandbox/apache">
Allow from all
</Directory>
<VirtualHost *:80>
DocumentRoot f:/WAMP/www/python/sandbox/
ServerName 127.0.0.1
</VirtualHost>
django.wsgi
import os, sys
sys.path.append('F:/WAMP/www/python/sandbox')
os.environ['DJANGO_SETTINGS_MODULE'] = 'sandbox.settings'
import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()
PHP only renders when I comment out the lastline from httpd.conf.
You need to have another virtual host if you're going to set the DocumentRoot:
# This is for PHP
<VirtualHost *:80>
DocumentRoot f:/WAMP/www/
ServerName local.php.dev
</VirtualHost>
# This is for your Django stuff
<VirtualHost *:80>
DocumentRoot f:/WAMP/www/python/sandbox/
ServerName local.py.dev
</VirtualHost>
Otherwise, as it is now, all the local requests are being sent to the python sandbox.
Note that you'll need to have several hosts pointing locally.